A common misconception we have seen in recent years is that compliance equates to security. In the wake of the Equifax and Yahoo hacks, an emerging narrative has been, “How could they let this happen?” The fundamental problem is not that companies are failing to meet the minimum requirements of compliance, but rather that compliance itself is viewed as the end of the security process.
Being compliant means that a company has met the minimum requirements to continue operations in a fair environment; it does not ensure resilience under adverse conditions. The systemic issue is that compliance and security have been traditionally viewed through the lens of separate siloed operations, ranging from network administration to physical security. While this model may have been relevant during the early years of the internet, the sheer global scale of business and interconnected nature of the modern workforce means that organizations need to challenge conventional notions of security.
In today’s global environment, businesses need to assume they will continually operate under less-than-ideal conditions. As such, today’s modern organization must embrace a policy of digital resilience to ensure critical operations are maintained under adverse or even catastrophic conditions.
Digital resilience requires a new approach to security. Dated security policies that separate cyber and physical security create disconnected silos, which naturally make organizations weaker against threats in the physical and digital world. Overcoming this challenge requires a comprehensive approach to security that aligns workflows from physical to cybersecurity. To create a viable solution that bridges these gaps, businesses must begin thinking geographically about the digital world.
Overcoming Challenges in the Physical Realm
Although it may seem counterintuitive, any discussion on cybersecurity must be done through the lens of geography and location. The primary reason is that despite the common perception of the internet being an amorphous entity that transcends the physical domain, the logical construct of cyberspace, in fact, exists within physical nodes.
Understanding the geography of cyberspace is not daunting. On a basic level, cyberspace is nothing more than a utility network, and can be mapped as such. Every computer, server, router and connected device occupies a place in both space and time. Understanding location is therefore key for digital resilience to help ensure operations continue during catastrophic events and prevent unauthorized individuals from accessing critical nodes.
Natural disasters pose a significant threat to cyber infrastructure by disrupting the necessary pathways for information to cross. Digital resilience does not mean an organization can overcome extreme weather and disasters, but rather that business can identify vulnerabilities and implement contingencies and safeguards to limit the damage of disruptions.
Organizations that are in disaster-prone areas are using maps to understand their exposure to disasters and create safeguards for protecting staff and information. By understanding the potential loss from these events, cybersecurity staff can better prepare distributed networks that can preserve the data offsite. By mapping cyber infrastructure, network administrators are in a better position to understand critical nodes to ameliorate disruptions when crises occur.
While hardening systems to be more resilient in natural disasters is important, digital resilience also means being able to overcome digital adversaries, or hackers. Although a popular image of a hacker is a distant individual or team working exclusively online to gain access to a company’s system, in many cases the adversary gets much closer to their target’s network.
In the world of hacking there is a popular phrase: “If I can touch your computer, I own your computer.” Most organizations address physical security with passive measures such as fences, locking doors, identification cards, and video surveillance, which prevent unauthorized individuals from gaining access, but many do not consider the reach of their network or ancillary devices.
The sudden surge of IoT devices, while advancing capabilities, has increased the number of vulnerabilities in many organizations’ networks. Think of a medieval castle. Many only had a single point of entrance, because that was typically the weakest portion of the wall. Digital networks are similar. Every device or node that is added to a network creates a new potential entry point for hackers. There have been multiple cases where hackers were able to gain access to systems through Bluetooth enabled cameras or extended WiFi signals. By mapping the reach of networks, and the total number of devices on a network, security staff can fully understand where their critical nodes are and who can physically access them.
By viewing this nexus as a geographic realm, businesses are in a better position to increase network security.
Maintaining Continuity of Operations
When operating under adverse conditions, the timely flow of accurate information is essential to maintain operations. Oftentimes, delays in response time occur because decision-makers are unable to fully understand the situation with the information available. This is where businesses need to embrace location.
In a crisis, never underestimate the power of knowing where your assets are located, and who is in the best position to respond. Using automated reporting tools that detect network anomalies and field reporting applications, administrators have created real-time dashboards to monitor the current status of their networks and dispatch the appropriate resources to respond to events as they are happening. This ability to quickly monitor a situation, project its potential impact, and implement timely fixes greatly increases an organization’s ability to operate when dealing with adverse situations.
This article originally appeared in the November 2017 issue of Workflow